Loading nixos/modules/services/web-servers/stargazer.nix +27 −29 Original line number Diff line number Diff line { config, lib, pkgs, ... }: with lib; let cfg = config.services.stargazer; globalSection = '' Loading @@ -15,9 +13,9 @@ let [:tls] store = ${toString cfg.store} organization = ${cfg.certOrg} gen-certs = ${boolToString cfg.genCerts} regen-certs = ${boolToString cfg.regenCerts} ${optionalString (cfg.certLifetime != "") "cert-lifetime = ${cfg.certLifetime}"} gen-certs = ${lib.boolToString cfg.genCerts} regen-certs = ${lib.boolToString cfg.regenCerts} ${lib.optionalString (cfg.certLifetime != "") "cert-lifetime = ${cfg.certLifetime}"} ''; genINI = lib.generators.toINI { }; Loading 
@@ -36,38 +34,38 @@ let in { options.services.stargazer = { enable = mkEnableOption (lib.mdDoc "Stargazer Gemini server"); enable = lib.mkEnableOption (lib.mdDoc "Stargazer Gemini server"); listen = lib.mkOption { type = types.listOf types.str; default = [ "0.0.0.0" ] ++ optional config.networking.enableIPv6 "[::0]"; defaultText = literalExpression ''[ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"''; example = literalExpression ''[ "10.0.0.12" "[2002:a00:1::]" ]''; type = lib.types.listOf lib.types.str; default = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"; defaultText = lib.literalExpression ''[ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"''; example = lib.literalExpression ''[ "10.0.0.12" "[2002:a00:1::]" ]''; description = lib.mdDoc '' Address and port to listen on. ''; }; connectionLogging = lib.mkOption { type = types.bool; type = lib.types.bool; default = true; description = lib.mdDoc "Whether or not to log connections to stdout."; }; ipLog = lib.mkOption { type = types.bool; type = lib.types.bool; default = false; description = lib.mdDoc "Log client IP addresses in the connection log."; }; ipLogPartial = lib.mkOption { type = types.bool; type = lib.types.bool; default = false; description = lib.mdDoc "Log partial client IP addresses in the connection log."; }; requestTimeout = lib.mkOption { type = types.int; type = lib.types.int; default = 5; description = lib.mdDoc '' Number of seconds to wait for the client to send a complete Loading @@ -76,7 +74,7 @@ in }; responseTimeout = lib.mkOption { type = types.int; type = lib.types.int; default = 0; description = lib.mdDoc '' Number of seconds to wait for the client to send a complete Loading @@ -86,7 +84,7 @@ in }; store = lib.mkOption { type = types.path; type = lib.types.path; default = /var/lib/gemini/certs; description = lib.mdDoc '' Path to the certificate store on disk. This should be a Loading 
@@ -95,7 +93,7 @@ in }; certOrg = lib.mkOption { type = types.str; type = lib.types.str; default = "stargazer"; description = lib.mdDoc '' The name of the organization responsible for the X.509 Loading @@ -104,7 +102,7 @@ in }; genCerts = lib.mkOption { type = types.bool; type = lib.types.bool; default = true; description = lib.mdDoc '' Set to false to disable automatic certificate generation. Loading @@ -113,7 +111,7 @@ in }; regenCerts = lib.mkOption { type = types.bool; type = lib.types.bool; default = true; description = lib.mdDoc '' Set to false to turn off automatic regeneration of expired certificates. Loading @@ -122,13 +120,13 @@ in }; certLifetime = lib.mkOption { type = types.str; type = lib.types.str; default = ""; description = lib.mdDoc '' How long certs generated by Stargazer should live for. Certs live forever by default. ''; example = literalExpression "\"1y\""; example = lib.literalExpression "\"1y\""; }; routes = lib.mkOption { Loading Loading @@ -178,20 +176,20 @@ in ''; }; user = mkOption { type = types.str; user = lib.mkOption { type = lib.types.str; default = "stargazer"; description = lib.mdDoc "User account under which stargazer runs."; }; group = mkOption { type = types.str; group = lib.mkOption { type = lib.types.str; default = "stargazer"; description = lib.mdDoc "Group account under which stargazer runs."; }; }; config = mkIf cfg.enable { config = lib.mkIf cfg.enable { systemd.services.stargazer = { description = "Stargazer gemini server"; after = [ "network.target" ]; Loading 
@@ -207,19 +205,19 @@ in # Create default cert store system.activationScripts.makeStargazerCertDir = optionalAttrs (cfg.store == /var/lib/gemini/certs) '' lib.optionalAttrs (cfg.store == /var/lib/gemini/certs) '' mkdir -p /var/lib/gemini/certs chown -R ${cfg.user}:${cfg.group} /var/lib/gemini/certs ''; users.users = optionalAttrs (cfg.user == "stargazer") { users.users = lib.optionalAttrs (cfg.user == "stargazer") { stargazer = { group = cfg.group; isSystemUser = true; }; }; users.groups = optionalAttrs (cfg.group == "stargazer") { users.groups = lib.optionalAttrs (cfg.group == "stargazer") { stargazer = { }; }; }; Loading Loading
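Review bot: In the last hunk, `system.activationScripts.makeStargazerCertDir` splices `cfg.user` and `cfg.group` unquoted into a shell script that runs as root, so a value containing whitespace or shell metacharacters would change the command; `chown -R ${lib.escapeShellArg "${cfg.user}:${cfg.group}"} /var/lib/gemini/certs` keeps it a single argument. The guard is `lib.optionalAttrs` wrapped around a string, which appears to yield `{}` rather than a script when `cfg.store` is not the default; `lib.optionalString (cfg.store == /var/lib/gemini/certs) ''…''` matches the value type. Since the service account owns this tree, a recursive chown as root on every activation may be worth replacing with one-time directory creation, for example through `systemd.tmpfiles.rules`. These lines predate this commit, which only qualifies the names, and the enclosing `config = lib.mkIf cfg.enable { … }` block starts outside the hunk.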
nixos/modules/services/web-servers/stargazer.nix +27 −29 Original line number Diff line number Diff line { config, lib, pkgs, ... }: with lib; let cfg = config.services.stargazer; globalSection = '' Loading @@ -15,9 +13,9 @@ let [:tls] store = ${toString cfg.store} organization = ${cfg.certOrg} gen-certs = ${boolToString cfg.genCerts} regen-certs = ${boolToString cfg.regenCerts} ${optionalString (cfg.certLifetime != "") "cert-lifetime = ${cfg.certLifetime}"} gen-certs = ${lib.boolToString cfg.genCerts} regen-certs = ${lib.boolToString cfg.regenCerts} ${lib.optionalString (cfg.certLifetime != "") "cert-lifetime = ${cfg.certLifetime}"} ''; genINI = lib.generators.toINI { }; Loading 
@@ -36,38 +34,38 @@ let in { options.services.stargazer = { enable = mkEnableOption (lib.mdDoc "Stargazer Gemini server"); enable = lib.mkEnableOption (lib.mdDoc "Stargazer Gemini server"); listen = lib.mkOption { type = types.listOf types.str; default = [ "0.0.0.0" ] ++ optional config.networking.enableIPv6 "[::0]"; defaultText = literalExpression ''[ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"''; example = literalExpression ''[ "10.0.0.12" "[2002:a00:1::]" ]''; type = lib.types.listOf lib.types.str; default = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"; defaultText = lib.literalExpression ''[ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"''; example = lib.literalExpression ''[ "10.0.0.12" "[2002:a00:1::]" ]''; description = lib.mdDoc '' Address and port to listen on. ''; }; connectionLogging = lib.mkOption { type = types.bool; type = lib.types.bool; default = true; description = lib.mdDoc "Whether or not to log connections to stdout."; }; ipLog = lib.mkOption { type = types.bool; type = lib.types.bool; default = false; description = lib.mdDoc "Log client IP addresses in the connection log."; }; ipLogPartial = lib.mkOption { type = types.bool; type = lib.types.bool; default = false; description = lib.mdDoc "Log partial client IP addresses in the connection log."; }; requestTimeout = lib.mkOption { type = types.int; type = lib.types.int; default = 5; description = lib.mdDoc '' Number of seconds to wait for the client to send a complete Loading @@ -76,7 +74,7 @@ in }; responseTimeout = lib.mkOption { type = types.int; type = lib.types.int; default = 0; description = lib.mdDoc '' Number of seconds to wait for the client to send a complete Loading @@ -86,7 +84,7 @@ in }; store = lib.mkOption { type = types.path; type = lib.types.path; default = /var/lib/gemini/certs; description = lib.mdDoc '' Path to the certificate store on disk. This should be a Loading 
@@ -95,7 +93,7 @@ in }; certOrg = lib.mkOption { type = types.str; type = lib.types.str; default = "stargazer"; description = lib.mdDoc '' The name of the organization responsible for the X.509 Loading @@ -104,7 +102,7 @@ in }; genCerts = lib.mkOption { type = types.bool; type = lib.types.bool; default = true; description = lib.mdDoc '' Set to false to disable automatic certificate generation. Loading @@ -113,7 +111,7 @@ in }; regenCerts = lib.mkOption { type = types.bool; type = lib.types.bool; default = true; description = lib.mdDoc '' Set to false to turn off automatic regeneration of expired certificates. Loading @@ -122,13 +120,13 @@ in }; certLifetime = lib.mkOption { type = types.str; type = lib.types.str; default = ""; description = lib.mdDoc '' How long certs generated by Stargazer should live for. Certs live forever by default. ''; example = literalExpression "\"1y\""; example = lib.literalExpression "\"1y\""; }; routes = lib.mkOption { Loading Loading @@ -178,20 +176,20 @@ in ''; }; user = mkOption { type = types.str; user = lib.mkOption { type = lib.types.str; default = "stargazer"; description = lib.mdDoc "User account under which stargazer runs."; }; group = mkOption { type = types.str; group = lib.mkOption { type = lib.types.str; default = "stargazer"; description = lib.mdDoc "Group account under which stargazer runs."; }; }; config = mkIf cfg.enable { config = lib.mkIf cfg.enable { systemd.services.stargazer = { description = "Stargazer gemini server"; after = [ "network.target" ]; Loading 
@@ -207,19 +205,19 @@ in # Create default cert store system.activationScripts.makeStargazerCertDir = optionalAttrs (cfg.store == /var/lib/gemini/certs) '' lib.optionalAttrs (cfg.store == /var/lib/gemini/certs) '' mkdir -p /var/lib/gemini/certs chown -R ${cfg.user}:${cfg.group} /var/lib/gemini/certs ''; users.users = optionalAttrs (cfg.user == "stargazer") { users.users = lib.optionalAttrs (cfg.user == "stargazer") { stargazer = { group = cfg.group; isSystemUser = true; }; }; users.groups = optionalAttrs (cfg.group == "stargazer") { users.groups = lib.optionalAttrs (cfg.group == "stargazer") { stargazer = { }; }; }; Loading